While insider threats are rising, IT security budgets are not, according to the Insider Threat Spotlight Report released by Vectra Networks. Of those surveyed, 68 percent feel vulnerable to insider threats and less than half feel they have sufficient control over insider threats.
The survey of more than 500 cybersecurity professionals in the Information Security Community on LinkedIn also reveals that 62 percent say insider threats have become more frequent in the past 12 months. Only 34 percent expect additional budget to address the problem.
Less than 50 percent feel they have appropriate controls in place to prevent insider attacks, while 62 percent say that insider attacks are far more difficult to detect and prevent than external attacks.
Privileged users, such as managers with access to sensitive information, pose the biggest insider threat (59 percent). This is followed by contractors and consultants (48 percent) and employees (46 percent).
Meanwhile, 38 percent estimate that remediation can cost up to $500,000 per insider attack, while 64 percent find it difficult to estimate the damage of a successful insider attack.
“Asking security professionals to do more with less puts organizations at risk,” says Holger Schulze, founder of the Information Security Community on LinkedIn. “Insider threats cause long-lasting economic and reputation damage to an organization.”
“Insiders often already have access to systems and sensitive information, making it vital for organizations to deploy security solutions that monitor internal traffic in addition to Internet-bound traffic where signs of insider attacks and external cyber attacks can be detected in real time,” he added.
The survey shows that most organizations focus their insider threat management efforts on deterrence, including user training (45 percent) and background checks (41 percent), while only 39 percent monitor user activities, largely through access logging. With less than half indicating they have appropriate controls, these passive precautions alone are insufficient when privileged users have malicious intent.
“It’s imperative to proactively identify threats in real time so security teams can take action before data is lost,” says Mike Banic, VP of Marketing at Vectra Networks. “Vectra actively monitors internal network traffic to pinpoint both insider and cyber attacks in progress. We prioritize attacks that post the greatest risks so security teams can take action to quickly prevent or mitigate loss.”